[observability] Observability Coverage Report - 2026-04-27

[github-actions[bot]]

Executive Summary

Analyzed 35 downloaded workflow runs from the last 7 days window. Of those, 33 had parsed summaries and 30 completed firewall-enabled runs could be evaluated for AWF firewall log coverage. Firewall observability is mostly present: 29 of 30 completed firewall-enabled runs included sandbox/firewall/logs/access.log for 96.7% coverage.

MCP telemetry coverage is healthy for completed MCP-enabled runs. All 29 MCP-enabled completed runs had mcp-logs/rpc-messages.jsonl, which is the canonical fallback when gateway.jsonl is absent. No completed MCP-enabled run was missing both telemetry formats.

One completed firewall-enabled run is missing the critical Squid access.log artifact. This is the only critical observability gap found in this report window.

Key Alerts and Anomalies

🔴 Critical Issues:

• Design Decision Gate 🏗️ run §25021569113 completed with failure and firewall_enabled: true, but its artifact list does not include sandbox/firewall/logs/access.log. This prevents egress debugging for that run.

⚠️ Warnings:

• Smoke CI run §25021560492 included an access.log artifact but had 0 parsed firewall entries.
• AI Moderator runs §25023060040 and §25021631002 were downloaded but lacked run_summary.json and aw_info.json, so firewall and MCP coverage could not be classified from parsed metadata.
• Three in-progress runs were downloaded before artifacts finalized and were excluded from completed-run coverage decisions: §25025676227, §25025678734, §25025367546.

Coverage Summary

Component	Runs Analyzed	Logs Present	Coverage	Status
AWF Firewall (access.log)	30 completed firewall-enabled	29	96.7%	🔴 Critical gap
MCP Gateway (gateway.jsonl or rpc-messages.jsonl)	29 completed MCP-enabled	29	100%	✅ Healthy
Overall required observability artifacts	59 expected artifacts	58	98.3%	⚠️ Needs one fix

Detailed Run Analysis

Firewall-Enabled Runs

Workflow	Run ID	access.log	Entries	Allowed	Blocked	Status
Daily Semgrep Scan	§25025628914	✅	27	11	16	✅ Healthy
Package Specification Librarian	§25025274482	✅	14	14	0	✅ Healthy
Daily Project Performance Summary Generator (Using MCP Scripts)	§25025192185	✅	61	30	31	✅ Healthy
Issue Monster	§25024972560	✅	6	6	0	✅ Healthy
Daily Safe Output Integrator	§25024399459	✅	14	7	7	✅ Healthy
Daily Skill Optimizer Improvements	§25024998311	✅	8	8	0	✅ Healthy
Issue Monster	§25023718069	✅	8	8	0	✅ Healthy
Daily Secrets Analysis Agent	§25022829421	✅	8	4	4	✅ Healthy
Draft PR Cleanup	§25022146862	✅	3	3	0	✅ Healthy
Daily Safe Outputs Conformance Checker	§25022116654	✅	8	8	0	✅ Healthy
Design Decision Gate 🏗️	§25021569113	❌	0	0	0	🔴 Critical
Test Quality Sentinel	§25021569102	✅	4	4	0	✅ Healthy
Smoke CI	§25021560492	✅	0	0	0	⚠️ Empty
Daily Compiler Quality Check	§25021090720	✅	50	25	25	✅ Healthy
Go Logger Enhancement	§25020571393	✅	138	138	0	✅ Healthy
Daily Malicious Code Scan Agent	§25020625711	✅	48	42	6	✅ Healthy
Daily OTel Instrumentation Advisor	§25020574042	✅	16	16	0	✅ Healthy
Daily Code Metrics and Trend Tracking Agent	§25020938405	✅	483	483	0	✅ Healthy
Daily Regulatory Report Generator	§25020008548	✅	49	23	26	✅ Healthy
Contribution Check	§25019852439	✅	42	42	0	✅ Healthy
Daily Workflow Updater	§25019436188	✅	76	69	7	✅ Healthy
Copilot CLI Deep Research Agent	§25019911810	✅	22	22	0	✅ Healthy
Issue Monster	§25018043957	✅	5	5	0	✅ Healthy
Agentic Optimization Kit	§25020795697	✅	123	65	58	✅ Healthy
Sergo - Serena Go Expert	§25018127451	✅	44	44	0	✅ Healthy
Agentic Workflow Audit Agent	§25019817167	✅	72	72	0	✅ Healthy
Daily DIFC Integrity-Filtered Events Analyzer	§25017316196	✅	6	3	3	✅ Healthy
Copilot Agent Prompt Clustering Analysis	§25017049431	✅	58	58	0	✅ Healthy
Design Decision Gate 🏗️	§25016518557	✅	9	9	0	✅ Healthy
Test Quality Sentinel	§25016518533	✅	7	7	0	✅ Healthy

Missing Firewall Logs (access.log)

Workflow	Run ID	Date	Link
Design Decision Gate 🏗️	25021569113	2026-04-27	§25021569113

MCP-Enabled Runs

Workflow	Run ID	Telemetry Source	Servers	Tool Calls	Errors	Status
Daily Semgrep Scan	§25025628914	rpc-messages.jsonl	2	3	0	✅ Healthy
Package Specification Librarian	§25025274482	rpc-messages.jsonl	1	1	0	✅ Healthy
Daily Project Performance Summary Generator (Using MCP Scripts)	§25025192185	rpc-messages.jsonl	0	0	0	✅ Healthy
Issue Monster	§25024972560	rpc-messages.jsonl	1	3	0	✅ Healthy
Daily Safe Output Integrator	§25024399459	rpc-messages.jsonl	1	1	0	✅ Healthy
Daily Skill Optimizer Improvements	§25024998311	rpc-messages.jsonl	1	1	0	✅ Healthy
Issue Monster	§25023718069	rpc-messages.jsonl	1	6	0	✅ Healthy
Daily Secrets Analysis Agent	§25022829421	rpc-messages.jsonl	1	1	0	✅ Healthy
Draft PR Cleanup	§25022146862	rpc-messages.jsonl	2	3	0	✅ Healthy
Daily Safe Outputs Conformance Checker	§25022116654	rpc-messages.jsonl	1	1	0	✅ Healthy
Test Quality Sentinel	§25021569102	rpc-messages.jsonl	1	1	0	✅ Healthy
Smoke CI	§25021560492	rpc-messages.jsonl	1	1	0	✅ Healthy
Daily Compiler Quality Check	§25021090720	rpc-messages.jsonl	2	5	0	✅ Healthy
Go Logger Enhancement	§25020571393	rpc-messages.jsonl	1	2	0	✅ Healthy
Daily Malicious Code Scan Agent	§25020625711	rpc-messages.jsonl	1	1	0	✅ Healthy
Daily OTel Instrumentation Advisor	§25020574042	rpc-messages.jsonl	1	1	0	✅ Healthy
Daily Code Metrics and Trend Tracking Agent	§25020938405	rpc-messages.jsonl	1	7	0	✅ Healthy
Daily Regulatory Report Generator	§25020008548	rpc-messages.jsonl	0	0	0	✅ Healthy
Contribution Check	§25019852439	rpc-messages.jsonl	0	0	0	✅ Healthy
Daily Workflow Updater	§25019436188	rpc-messages.jsonl	1	1	0	✅ Healthy
Copilot CLI Deep Research Agent	§25019911810	rpc-messages.jsonl	1	2	0	✅ Healthy
Issue Monster	§25018043957	rpc-messages.jsonl	1	4	0	✅ Healthy
Agentic Optimization Kit	§25020795697	rpc-messages.jsonl	2	11	0	✅ Healthy
Sergo - Serena Go Expert	§25018127451	rpc-messages.jsonl	3	46	0	✅ Healthy
Agentic Workflow Audit Agent	§25019817167	rpc-messages.jsonl	2	16	0	✅ Healthy
Daily DIFC Integrity-Filtered Events Analyzer	§25017316196	rpc-messages.jsonl	1	1	0	✅ Healthy
Copilot Agent Prompt Clustering Analysis	§25017049431	rpc-messages.jsonl	1	4	0	✅ Healthy
Design Decision Gate 🏗️	§25016518557	rpc-messages.jsonl	2	7	0	✅ Healthy
Test Quality Sentinel	§25016518533	rpc-messages.jsonl	1	2	0	✅ Healthy

Missing MCP Telemetry

No completed MCP-enabled run was missing both gateway.jsonl and rpc-messages.jsonl.

Telemetry Quality Analysis

Firewall Log Quality

• Total parsed firewall requests: 1,409
• Allowed requests: 1,226
• Blocked requests: 183 (13.0%)
• Unique allowed domains: 13
• Blocked destination labeling: blocked entries were grouped under (unknown) in the parsed cache, so domain-level blocked analysis is limited.
• Highest block-pressure workflows: Agentic Optimization Kit (58 blocked), Daily Project Performance Summary Generator (31), Daily Regulatory Report Generator (26), Daily Compiler Quality Check (25), Daily Semgrep Scan (16).

Gateway Log Quality

• Preferred gateway.jsonl: 0 parsed completed runs
• Canonical fallback rpc-messages.jsonl: 29 parsed completed runs
• MCP servers observed: agenticworkflows, github, mcpscripts, safeoutputs, semgrep, serena
• Total parsed MCP tool calls: 132
• Parsed MCP errors: 0
• Average response time: N/A from the generated summary; parsed server durations were reported as 0ns, so latency quality should be treated as unavailable from this cache.

Additional Telemetry

• 33 runs had parsed run_summary.json metadata.
• 33 runs had aw_info.json metadata.
• Agent logs and safe output logs were present for most parsed agent runs; two AI Moderator failures only exposed workflow log text files and should be investigated separately if metadata gaps recur.

Recommended Actions

1. Fix artifact upload or failure-path collection for firewall-enabled runs so sandbox/firewall/logs/access.log is uploaded even when the agent job exits early or fails, using §25021569113 as the reproduction case.
2. Add a regression check in the detection or conclusion stage that marks firewall-enabled runs as observability-incomplete when firewall_enabled: true but access.log is absent from artifacts_list.
3. Preserve rpc-messages.jsonl as the required fallback MCP telemetry artifact, and consider restoring or adding gateway.jsonl where supported so duration and status metrics are available without relying on raw JSON-RPC reconstruction.
4. Investigate why the two AI Moderator failures lacked run_summary.json and aw_info.json; if those failures occurred before agent setup, add a minimal pre-agent summary artifact for classification.

Historical Trends

Historical comparison was not available from the current downloaded cache. This report should be compared with the next daily run to confirm whether the Design Decision Gate missing access.log case is isolated or recurring.

Context

• Analysis window: last 7 days, as returned by agenticworkflows logs --count 100 --start_date -7d
• Workflow runs downloaded: 35
• Parsed summaries available: 33
• Completed firewall-enabled runs evaluated: 30
• Completed MCP-enabled runs evaluated: 29
• Report date: 2026-04-27

References: §25021569113, §25025628914, §25025676227

Warning

Firewall blocked 4 domains

The following domains were blocked by the firewall during workflow execution:

• ab.chatgpt.com
• api.github.com
• chatgpt.com
• github.com

💡 Tip: api.github.com is blocked because GitHub API access uses the built-in GitHub tools by default. Instead of adding api.github.com to network.allowed, use tools.github.mode: gh-proxy for direct pre-authenticated GitHub CLI access without requiring network access to api.github.com:

tools:
  github:
    mode: gh-proxy

See GitHub Tools for more information on gh-proxy mode.

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "ab.chatgpt.com"
    - "api.github.com"
    - "chatgpt.com"
    - "github.com"

See Network Configuration for more information.

Generated by Daily Observability Report for AWF Firewall and MCP Gateway · ◷

• expires on Apr 28, 2026, 11:55 PM UTC

[github-actions[bot]]

This discussion has been marked as outdated by Daily Observability Report for AWF Firewall and MCP Gateway.

A newer discussion is available at Discussion #29004.